The security update for the open-source browser originally was slated to be released on Feb. 21 but was pushed back in order to accommodate a fix for this new flaw " the location.hostname vulnerability -- and other security and stability issues.